Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• A mammoth fire that shut the second-largest
refinery in California and sent hundreds of people to hospitals with
respiratory problems was extinguished August 7 as fears of a months-long
closure caused a 25-cent spike in area gasoline prices. – Reuters

1.
August 7, Reuters – (California) Blaze
out at Chevron Bay Area refinery; gasoline spikes. A fire that shut Chevron
Corp’s Richmond plant, the second-largest refinery in California, was
extinguished August 7 as fears of a months-long closure caused a 25-cent spike
in regional gasoline prices. The fire that spewed flames and a column of smoke
high above the densely populated industrial suburb of east San Francisco Bay
started late the afternoon of August 6 and was contained 5 hours later, then
extinguished, Chevron said. Officials allowed a small controlled burn to
continue, the firm said. The 245,000-barrels-per-day (bpd) plant, which
accounts for one-eighth of California’s refining capacity, was partially shut
down. An order for more than 100,000 nearby residents to remain indoors was
lifted, and local transit stations reopened, authorities said. About 200 people
sought medical help, complaining of respiratory problems, the San Pablo,
California-based Doctors Medical Center said. The Kaiser Permanente Richmond
Medical Center said it saw about 150 people with similar concerns but had no
admissions. The fire started in the No. 4 crude unit, the only one at the
plant, Chevron said. As the leak grew, workers were evacuated. The company said
there had been only one injury, which it described as minor, among workers. The
extent of damage was not clear. Any lengthy disruption in production could
affect the supply of fuel on the West Coast, particularly gasoline, due to the
difficulty in meeting California’s super-clean specifications. The region also
has few alternative supply sources. Source: http://www.reuters.com/article/2012/08/07/us-chevron-refinery-idUSBRE8760MK20120807?feedType=RSS&feedName=domesticNews

• Clean-up continued August 7, 1 day after a
train transporting liquid petroleum gas in Cramerton, North Carolina, derailed
and forced many people to evacuate homes. – WSOC 9 Charlotte

14.
August 7, WSOC 9 Charlotte – (North
Carolina) Cleanup continues after train derails in Cramerton. People who
were evacuated after the August 6 derailment of a train transporting liquid
petroleum gas in Cramerton, North Carolina, were allowed back home. August 7,
crews had removed most of the damaged cars and were working to replace damaged
tracks. The incident happened along 8th Avenue. There were 3 locomotives and
121 cars, 19 of which derailed. There were four tank cars containing liquid
petroleum among the derailed, but officials said there was no leak. The train
was headed from Linwood, North Carolina, to Macon, Georgia. The tracks go right
through neighborhoods. Crews used heavy equipment to clear and fix the tracks,
cutting through some of the damaged line, August 6 and 7. About a quarter-mile
of track that was damaged during the derailment will have to be replaced. Some
of the damaged cars have been moved off the track and onto the side. One of the
two lines along the stretch was back up and running. Source: http://www.wsoctv.com/news/news/train-partially-derails-cramerton/nQCDq/

• Forty people in
eight States have been linked to an outbreak of Salmonella Enteritidis from
ground beef, the Centers for Disease Control and Prevention (CDC) said August

6. – Food Safety News

23.
August 6, Food Safety News –
(National) CDC: 40 sick in multistate Salmonella ground beef outbreak. Forty
people in eight States have now been linked to an outbreak of Salmonella
Enteritidis from ground beef, the Centers for Disease Control and Prevention
(CDC) said August 6. The number of victims in the outbreak is up from 33 people
in 7 States as of July 23. According to the CDC, the States with reported
illnesses are Maine (1), Massachusetts (3), New Hampshire (2), New York (18),
Rhode Island (2), Vermont (11), Virginia (2), and West Virginia (1). CDC said a
multi-agency investigation has implicated ground beef produced by Cargill Meat
Solutions at a single facility is the likely source. July 22, Cargill Meat
Solutions recalled 29,339 pounds of fresh ground beef. Cargill said it does not
test for Salmonella Enteritidis in beef: ―This particular strain of Salmonella
Enteritidis in beef has not been linked to a public health problem before, and
no validated test for it in fresh beef is commercially available.‖ Source: http://www.foodsafetynews.com/2012/08/cdc-40-sick-in-multistate-salmonella-ground-beef-outbreak/#.UCEQg6D6fEU

• The president of
Plaquemines Parish, Louisiana, declared a state of emergency August 7 due to a
salt wedge moving north up the Mississippi River, threatening the parish’s
drinking water supply. – WWL 4 New Orleans

26.
August 7, WWL 4 New Orleans – (Louisiana)
Plaquemines Parish calls state of emergency for drinking water as salt moves
up Miss. River. The president of Plaquemines Parish, Louisiana, declared a
state of emergency August 7 due to a salt wedge moving north up the Mississippi
River, threatening the parish’s drinking water supply. The wedge is moving due
to low water levels in the river. The state of emergency is a precautionary
measure to insure a plan is in place if the need for fresh water arises because
it must be transported via barge to Port Sulphur and the east bank. The parish
has three fresh water intake valves and officials did not plan on closing the
valves in the immediate future. If the salinity of the water becomes too high,
Jefferson Parish will allow the parish to take fresh water to the lower parts
of Plaquemines Parish. Plaquemines Parish officials were working closely with
the U.S. Army Corps of Engineers, the Governor’s Office of Homeland Security
and Emergency Preparedness, and the Coastal Protection and Restoration
Authority Board. Source: http://www.wwltv.com/news/Plaquemines-Parish-keeping-eye-on-drinking-water-quality-as-salt-moves-up-Miss-River-165195766.html

• Police in Florida
were trying to solve a mystery surrounding a man arrested with an enormous
stash of fake military, law enforcement, and medical paraphernalia including
federal badges, police radios, and a full NASA flight suit and helmet. – CNN

38.
August 7, CNN – (Florida) Fake IDs
part of ‘fantasy life,’ Florida man tells police. A man arrested with a
stash of fake military, law enforcement, and medical paraphernalia — including
badges and uniforms — told investigators he ―lives in a fantasy world,‖ police
officials in Florida said August 7. However, authorities still are not
convinced the man is telling the truth, the New Port Richey police chief said.
Police arrested the man in New Port Richey August 1 for a traffic offense and
parole violation. An officer noticed the identification card he provided seemed
strange and had plastic where it should not have been. That launched the
investigation that led to the stash. The materials found in the man’s two homes
and car included diplomatic license plates and dozens of fake identification
cards from DHS, Immigration and Customs Enforcement, Department of Defense,
CIA, and NASA. The suspect also had access badges to hospitals around Florida,
doctor and nurse scrubs, a respiratory technician badge, police blue lights,
and access stickers to Coast Guard bases around Florida, the police chief said.
During questioning, the man admitted he fabricated most of the credentials and
items police seized, the chief said. Since a news conference August 6 about the
man’s arrest, authorities received more than 100 tips, the police chief said.
Many came them from residents who said they had encounters with the suspect
passing himself off as a law enforcement officer or member of the military.
Source: http://www.cnn.com/2012/08/07/justice/florida-fake-ids/index.html?hpt=hp_t3

• A man was arrested
at a Regal Cinemas in Westlake, Ohio, August 4 after he was discovered to be in
possession of multiple weapons while sitting in an empty theater waiting for
the show to start. – New York Daily News

47.
August 7, New York Daily News – (Ohio)
‘Dark Knight’ copycat arrested at Ohio movie. A man was arrested at a
Regal Cinemas in Westlake, Ohio, August 4 after he was discovered to be in
possession of multiple weapons while sitting in an empty theater waiting for
the show to start, the New York Daily News reported August 7. The suspect
carried a satchel that raised suspicion when he entered the theater. After the
suspect took a seat, an off-duty Westlake police officer who was providing
security to the theater asked to search the bag. The officer found a loaded 9mm
Glock handgun, multiple loaded magazines, and three knives inside, a Westlake
police spokesman said. An additional knife was found underneath his clothes.
The police added that being in the back row prevented anybody from being able
to come up from behind the suspect, giving him a ―tactical advantage. Police
searched his truck in the parking lot and found a tactical vest, the station
reported. Cops searched the suspect’s home August 6 and found an additional
arsenal of six to eight pistols, rifles, shotguns, and hundreds of rounds of
ammunition. Officers also discovered prescription medication in the home that
may have prevented him from being able to own firearms. The FBI and the Bureau
of Alcohol, Tobacco, Firearms, and Explosives have assisted with the
investigation, but only State charges have been filed. Source: http://www.nydailynews.com/news/national/dark-knight-copycat-arrested-ohio-movie-theater-article-1.1130755

• A mosque outside
Joplin, Missouri, burned to the ground August 6 in the second fire to hit the
Islamic center in little more than a month, as investigators searched for evidence
of arson. – Associated Press

49. August
7, Associated Press – (Missouri) Fire destroys Mo. mosque; officials seek arson
clues. A mosque outside Joplin, Missouri, burned to the ground August 6 in
the second fire to hit the Islamic center in little more than a month, and
investigators searched through the wreckage for evidence of arson. The Islamic
Society of Joplin’s building was a total loss after the fire, the Jasper County
Sheriff’s Office said. Investigators from the sheriff’s office, the FBI, and
the Bureau of Alcohol Tobacco, Firearms and Explosives, were at the scene
August 6. A fire July 4 was determined to be arson, but no charges were filed.
The FBI released a video of a suspect caught on surveillance video and offered
a $15,000 reward for information leading to an arrest in that fire. The FBI
said it was too early to say if there was surveillance video available from the
August 6 fire. The sheriff’s office said the video equipment was destroyed. The
FBI encouraged anyone with information about either fire to call authorities. A
Jasper County sheriff said patrols at the mosque were stepped up after the July
4 fire was found to be arson. Source: http://azstarnet.com/news/national/fire-destroys-mo-mosque-officials-seek-arson-clues/article_d5624df1-2ca3-5271-82d0-4cb871d32434.html

Details

Banking and Finance Sector

10. August
7, Bloomberg News – (International) SEC freezes another $6 million in Nexen
insider trading case. The U.S. Securities and Exchange Commission (SEC)
obtained a second emergency court order to freeze assets of traders who
allegedly profited from insider knowledge of Cnooc Ltd.’s bid for Nexen Inc.,
Bloomberg News reported August 7. The second order relates to $6 million held
by unknown traders, who the SEC alleges reaped $2.3 million by trading
illegally ahead of Cnooc Ltd.’s announcement that it would buy the Canadian oil
company. The SEC said the traders opened a U.S. brokerage account through Hong
Kong-based CSI Capital Management Ltd. a week before the the Cnooc-Nexen deal.
The SEC first announced July 27 that it suspected insider trading on the deal
with a court order to freeze the assets of traders who allegedly reaped more
than $13 million from illegal trading. Hong Kong-based Well Advantage Ltd. and
unknown traders had bought Nexen stock based on ―nonpublic information‖ and
made an illegal profit of $13 million, the SEC said in a statement. The latest
court order swelled the assets frozen in connection with the insider trading
charges to more than $44 million. Source: http://www.businessweek.com/news/2012-08-07/sec-freezes-another-6-million-in-nexen-insider-trading-case

11. August
7, Reuters – (International) Ex-Lloyds bank security chief admits $3.9 mln
fraud. A former Lloyds Banking Group anti-fraud chief August 7 admitted
cheating the England-based bank of $3.9 million in what prosecutors called a
―huge breach of trust‖ against her employer. The employee, who served as the
U.K. government-backed bank’s interim head of fraud and security for digital
banking, pleaded guilty to fraud and money laundering. She submitted false
invoices to claim the money between late 2007 and December 2011, using some of
the illicit money to buy property in France. Source: http://www.reuters.com/article/2012/08/07/lloyds-fraud-idUSL6E8J77OL20120807

43. August
7, The H – (International) iCloud attack began with Amazon hack. In
an article in Wired, a journalist who recently had several of his electronic
accounts hacked explains how the attackers used flaws in Amazon’s and Apple’s
customer service lines to expose his iCloud password. iCloud customer support
requires a user’s residential address and the last four digits of the
registered credit card to generate a new password. The hackers obtained the
journalist’s residential address from records for a personal domain he
registered. The last four digits of the credit card were obtained through
Amazon. Apple told the New York Times it made a mistake when resetting the password,
and protocols were not completely followed. However, the journalist said a
colleague at Wired was able to reset a different Apple ID by replicating the
same process the hackers used. Source: http://www.h-online.com/security/news/item/iCloud-attack-began-with-Amazon-hack-1661646.html

44. August
7, Help Net Security – (International) Quantum cryptography theory has a proven
security defect. Researchers at Tamagawa University, Quantum ICT Research
Institute, announced August 7 that they proved the incompleteness and limit of
the security theory in quantum key distribution. They showed the present theory
cannot guarantee unconditional security. Until now, the majority of researchers
in quantum information science believed quantum cryptography (quantum key
distribution) can provide unconditional security. The guarantee of its
unconditional security is given by the trace distance, which is a quantum
version of the evaluation of a mathematical cipher. Source: http://www.net-security.org/secworld.php?id=13383&utm

45. August
6, Threatpost – (International) Attackers go phishing for payroll workers
with Java CVE-2012-1723 exploit. Java flaw CVE-2012-1723 that Oracle
patched in June has been the target of several pieces of malware and Web-based
attacks recently. Now researchers indicate there is a phishing scam targeting
payroll and HR employees that involves an exploit for the Java bug as well. The
latest version of this kind of attack is using a scare tactic, telling
recipients of the phishing email the certificate they use to access their
payroll system is about to expire and needs to be renewed. If the user clicks
on the embedded link, they will end up on a site serving a variety of exploits,
including one for the Java flaw. Source: http://threatpost.com/en_us/blogs/attackers-go-phishing-payroll-workers-java-cve-2012-1723-exploit-080612

Communications Sector

46. August
7, Fort Dodge Messenger – (Iowa) Mediacom explains intermittent
outages. Intermittent outages in services provided by Mediacom over the
last month have frustrated many, the Fort Dodge Messenger reported August 7.
According to the Mediacom director of communications in Des Moines, Iowa, the
outages have been caused by the intense July heat. The nodes serve as many as
400 customers in a single area, she said. When they become burned out by the
heat, it is usually replaced by a technician within 2 hours. The process takes
longer at night, when a technician has to be called in. Another issue is power
loss or damage to power lines. According to the Mediacom director of
communications a MidAmerican Energy line went down August 4, burning Mediacom
cable lines. The lines were promptly repaired, she said. The damage affected
only 40 to 50 customers, as opposed to the impact of a damaged node. Another
cause of intermittent outages was Mediacom upgrading and fine-tuning its
technology. Source: http://www.messengernews.net/page/content.detail/id/550156/Mediacom-explains-intermittent-outages.html?nav=5010

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"